|Apache ServiceComb Toolkit 0.2.0(LATEST)||[src] [asc] [sha512]||[Binary] [asc] [sha512]|
|Apache ServiceComb Toolkit 0.1.0||[src] [asc] [sha512]|
Verifying the release
It is essential that you verify the integrity of the downloaded files using the PGP or SHA signatures. The PGP signatures can be verified using GPG or PGP. Please download the KEYS as well as the asc signature files for relevant distribution. It is recommended to get these files from the main distribution directory and not from the mirrors.
gpg --import KEYS or pgpk -a KEYS or pgp -ka KEYS
To verify the binaries/sources you can download the relevant asc files for it from main distribution directory and follow the below guide.
gpg --verify apache-servicecomb-toolkit********.asc apache-servicecomb-toolkit-********* or pgpv apache-servicecomb-toolkit-********.asc or pgp apache-servicecomb-toolkit-********.asc
Alternatively you can download the SHA signatures from main distribution repo and verify the downloads using sha512sum.